<?
//i : id
//c : code : filename
defined('BASE_PATH') || define('BASE_PATH', realpath(dirname(__FILE__)));
include_once ("config/config.php");
include_once ("config/common.php");
if (isset($_REQUEST["i"]) && intval($_REQUEST["i"])>0) {
    $sqlCheck = "SELECT * FROM question_attach WHERE id=".intval($_REQUEST["i"]);
    $rs = $db->query_first($sqlCheck);
    if($rs) {
        $file=$config ['upload_dir'].$rs['filename'];
        header("Content-type: application/force-download");
        header("Content-Transfer-Encoding: Binary");
        header("Content-length: ".filesize($file));
        header("Content-disposition: attachment; filename=\"".'bantinnhadat.vn-'.basename($rs['real_filename'])."\"");
        readfile("$file");
        die;
    }
}else{
    echo "Your IP is loged. Dont hack, please!";
}
 ?>